Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Security Government United States

US Says It 'Hacked the Hackers' To Bring Down Hive Ransomware Gang (reuters.com) 34

The FBI revealed today that it had shut down the prolific ransomware gang called Hive, "a maneuver that allowed the bureau to thwart the group from collecting more than $130 million in ransomware demands from more than 300 victims," reports Reuters. Slashdot readers wiredmikey and unimind shared the news. From the report: At a news conference, U.S. Attorney General Merrick Garland, FBI Director Christopher Wray, and Deputy U.S. Attorney General Lisa Monaco said government hackers broke into Hive's network and put the gang under surveillance, surreptitiously stealing the digital keys the group used to unlock victim organizations' data. They were then able to alert victims in advance so they could take steps to protect their systems before Hive demanded the payments. "Using lawful means, we hacked the hackers," Monaco told reporters. "We turned the tables on Hive."

News of the takedown first leaked on Thursday morning when Hive's website was replaced with a flashing message that said: "The Federal Bureau of Investigation seized this site as part of coordinated law enforcement action taken against Hive Ransomware." Hive's servers were also seized by the German Federal Criminal Police and the Dutch National High Tech Crime Unit. The undercover infiltration, which started in July 2022, went undetected by the gang until now.

The Justice Department said that over the years, Hive has targeted more than 1,500 victims in 80 different countries, and has collected more than $100 million in ransomware payments. Although there were no arrests announced on Wednesday, Garland said the investigation was ongoing and one department official told reporters to "stay tuned."

This discussion has been archived. No new comments can be posted.

US Says It 'Hacked the Hackers' To Bring Down Hive Ransomware Gang

Comments Filter:
  • Uh, I hope that means arrests made but just not announced yet. Otherwise those guys are gone never to be seen again.

    • Re: (Score:1, Funny)

      by Narcocide ( 102829 )

      Another staged puppet-show victory by the FBI. Evidence of real-world impact on actual criminals: none [slashdot.org].

      • by gtall ( 79522 )

        And your evidence for this statement is pointed to other parts of the federal government not following proper security practices. Maybe you could get the FBI to put you on their internal memo list so you'd get the "real" info. Or you can continue to wallow in the post-modern "nothing is real" phobia so taken by those who hate the government.

        • Look, this has been happening for years. Government agencies and major corporations falling over left and right to the most laughable intrusions, showing complete technical ineptness that seems to belie their very operation. Meanwhile, every couple years the FBI pipes up with a press release to either sabotage an election or crow about a massive years-long deep-cover spoof job that finally at long last took down some "evil hacker organization" nobody has ever heard of - list of suspects, zero, list of crime

    • Uh, I hope that means arrests made but just not announced yet.

      The FBI can't "secretly" arrest people. A sealed indictment is a possibility, but that only happens pre-arrest.

      Otherwise those guys are gone never to be seen again.

      They'll be back in business in a week.

      It is unlikely they are operating from America or any friendly country.

    • Did they intervene and/or shut down the servers before or after the criminals stole the data? Even if they recover the key and the company can decrypt their data, the data might still have been stolen and could be released or used for further blackmail. Did they stop the encryption from happening in the first place? The announcement is vague, and though it is designed to get companies to report ransomware attacks, if the data theft was not prevented then companies still have an incentive to pay the ranso
    • Uh, I hope that means arrests made but just not announced yet. Otherwise those guys are gone never to be seen again.

      It's almost as if you think the FBI can arrest anybody, anywhere in the world.

      • Yeah weird because they don't ever work with other governments or have extradition treaties and those other governments wouldn't want a piece of these guys either and all bad guys only live in unfriendly countries, right?

        Got it. We are definitely on the same page, brother!

    • by gweihir ( 88907 )

      Apparently some physical hardware was seized in the EU. That may or may not mean they also have people arrested or at least identified. There may be some short-term lockouts in some countries that allow the respective police instances to keep that information back for a limited time, my guess would be not more than 48h after the actual arrest or so.

  • by quonset ( 4839537 ) on Thursday January 26, 2023 @09:17PM (#63243797)

    Hack the Gibson!

  • by znrt ( 2424692 )

    Although there were no arrests announced

    so they "brought down the gang" and arrested no one? this ai thing is getting out of hand already ...

    • by Bert64 ( 520050 )

      Likely the actual perpetrators are located somewhere the FBI has no jurisdiction and has no way to arrest them, so the best they can achieve is to disrupt their operations.

      • With tools like extradition treaties, Interpol, etc, that's not as many places as one might think.

        • Not many, but big places. Good luck extraditing someone from places like China or Russia.

          • Good luck extraditing someone from places like China or Russia.

            Why would you? You legally can't do anything worse to them than leaving them there.

            • a maneuver that allowed the bureau to thwart the group from collecting more than $130 million in ransomware demands

              The undercover infiltration, which started in July 2022

              If they're normally collecting that much money from their victims, even Russia or China are probably not the worst places to live when you're that rich. It depends on how many people they have to share it between, but still, that is a lot of money.

  • "Using lawful means, we hacked the hackers," Monaco told reporters.

    I, for one, would like to know the statute under which this was deemed 'lawful.'

    • by gweihir ( 88907 )

      Under the statute of "might makes right". From the reporting here in Europe, some physical hardware was seized, so at least some EU court orders may actually have made part of this legal. I still suspect that some systems got hacked without local court order in the country the system was in and that is clearly a criminal act. Nobody is going to complain though and that is wrong in itself.

  • People need to take security more seriously. There will always be more thieves lining up to take their place.
  • If they have good evidence of a hospital being hit by one of the ransomeware attacks I hope that the people involved are arrested, convicted and placed in prison for the rest of their lives. These kinds of computer attacks pose a serious risk to hospitalized people and they demand a harsh punishment.
  • There the "hackers" (crackers) are hacked! Ops...
  • a maneuver that allowed the bureau to thwart the group from collecting more than $130 million in ransomware demands from more than 300 victims,"

    Let me guess how this was computed: Take all the active ransomware infections and assume each victim pays the ransom 100% in full. Which of course, is never going to be anywhere near that, maybe 10% of victims might actually end up paying the ransom.

    But, the FBI loves Attaboys! Much like the DEA would seize a kilo of cocaine and claim its street value was some astronomical number based on selling it in .5gram increments at full retail, the FBI is claiming a number which is not realistic.

    Whenever the

  • by kackle ( 910159 )
    Here's an interesting story [aarp.org] about hacking some scammers.
  • I don't think they know what that word means.

To communicate is the beginning of understanding. -- AT&T

Working...